@@ -2386,7 +2386,10 @@ def wrap_conn(self):
2386
2386
sys .stdout .write (" client cert is " + pprint .pformat (cert ) + "\n " )
2387
2387
cert_binary = self .sslconn .getpeercert (True )
2388
2388
if support .verbose and self .server .chatty :
2389
- sys .stdout .write (" cert binary is " + str (len (cert_binary )) + " bytes\n " )
2389
+ if cert_binary is None :
2390
+ sys .stdout .write (" client did not provide a cert\n " )
2391
+ else :
2392
+ sys .stdout .write (f" cert binary is { len (cert_binary )} b\n " )
2390
2393
cipher = self .sslconn .cipher ()
2391
2394
if support .verbose and self .server .chatty :
2392
2395
sys .stdout .write (" server: connection cipher is now " + str (cipher ) + "\n " )
@@ -2494,6 +2497,10 @@ def run(self):
2494
2497
)
2495
2498
else :
2496
2499
handle_error ("Test server failure:\n " )
2500
+ try :
2501
+ self .write (b"ERROR\n " )
2502
+ except OSError :
2503
+ pass
2497
2504
self .close ()
2498
2505
self .running = False
2499
2506
@@ -4399,24 +4406,30 @@ def test_pha_required_nocert(self):
4399
4406
server_context .verify_mode = ssl .CERT_REQUIRED
4400
4407
client_context .post_handshake_auth = True
4401
4408
4402
- # Ignore expected SSLError in ConnectionHandler of ThreadedEchoServer
4403
- # (it is only raised sometimes on Windows)
4404
- with threading_helper .catch_threading_exception () as cm :
4405
- server = ThreadedEchoServer (context = server_context , chatty = False )
4406
- with server :
4407
- with client_context .wrap_socket (socket .socket (),
4408
- server_hostname = hostname ) as s :
4409
- s .connect ((HOST , server .port ))
4410
- s .write (b'PHA' )
4409
+ def msg_cb (conn , direction , version , content_type , msg_type , data ):
4410
+ if support .verbose and content_type == _TLSContentType .ALERT :
4411
+ info = (conn , direction , version , content_type , msg_type , data )
4412
+ sys .stdout .write (f"TLS: { info !r} \n " )
4413
+
4414
+ server_context ._msg_callback = msg_cb
4415
+ client_context ._msg_callback = msg_cb
4416
+
4417
+ server = ThreadedEchoServer (context = server_context , chatty = True )
4418
+ with server :
4419
+ with client_context .wrap_socket (socket .socket (),
4420
+ server_hostname = hostname ) as s :
4421
+ s .connect ((HOST , server .port ))
4422
+ s .write (b'PHA' )
4423
+ with self .assertRaisesRegex (
4424
+ ssl .SSLError ,
4425
+ 'tlsv13 alert certificate required'
4426
+ ):
4411
4427
# receive CertificateRequest
4412
4428
self .assertEqual (s .recv (1024 ), b'OK\n ' )
4413
4429
# send empty Certificate + Finish
4414
4430
s .write (b'HASCERT' )
4415
4431
# receive alert
4416
- with self .assertRaisesRegex (
4417
- ssl .SSLError ,
4418
- 'tlsv13 alert certificate required' ):
4419
- s .recv (1024 )
4432
+ s .recv (1024 )
4420
4433
4421
4434
def test_pha_optional (self ):
4422
4435
if support .verbose :
0 commit comments